Page Menu
Home
DevCentral
Search
Configure Global Search
Log In
Files
F30098694
D4103.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
3 KB
Referenced Files
None
Subscribers
None
D4103.diff
View Options
diff --git a/_modules/certificates.py b/_modules/certificates.py
new file mode 100644
--- /dev/null
+++ b/_modules/certificates.py
@@ -0,0 +1,30 @@
+# -------------------------------------------------------------
+# Salt — Certificates module
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Description: Functions related to certificates management
+# License: BSD-2-Clause
+# -------------------------------------------------------------
+
+from typing import Dict
+
+
+def get_certificates_options() -> Dict:
+ """
+ Resolve the pillar data for certificates options.
+ Merge certificates_default_options and certificates_options dictionaries.
+ """
+
+ options = {}
+ default_options = __pillar__.get("certificates_default_options", {})
+ certificates_options = __pillar__.get("certificates_options", {})
+
+ for certificate in __pillar__.get("certificates", []):
+ certificate_options = default_options.copy()
+
+ for key, value in certificates_options.get(certificate, {}).items():
+ certificate_options[key] = value
+
+ options[certificate] = certificate_options
+
+ return options
diff --git a/_tests/data/pillar/certificates.yaml b/_tests/data/pillar/certificates.yaml
new file mode 100644
--- /dev/null
+++ b/_tests/data/pillar/certificates.yaml
@@ -0,0 +1,13 @@
+certificates:
+ - foo.domain.tld
+ - bar.domain.tld
+ - quux.domain.tld
+
+certificates_default_options:
+ reload: nginx -s reload
+
+certificates_options:
+ bar.domain.tld:
+ shared_group: baz
+ quux.domain.tld:
+ reload: propagate-quux-certificate
diff --git a/_tests/modules/test_certificates.py b/_tests/modules/test_certificates.py
new file mode 100755
--- /dev/null
+++ b/_tests/modules/test_certificates.py
@@ -0,0 +1,38 @@
+#!/usr/bin/env python3
+
+import unittest
+
+import salt_test_case
+import certificates
+
+
+class Testinstance(unittest.TestCase, salt_test_case.SaltTestCase):
+ def setUp(self):
+ self.initialize_mocks()
+ self.instance = certificates
+
+ self.mock_pillar("data/pillar/certificates.yaml")
+
+ def test_get_certificates_options(self):
+ expected = {
+ "foo.domain.tld": {
+ # Default option
+ "reload": "nginx -s reload",
+ },
+ "bar.domain.tld": {
+ # Default option
+ "reload": "nginx -s reload",
+ # Specific option
+ "shared_group": "baz",
+ },
+ "quux.domain.tld": {
+ # Specific option
+ "reload": "propagate-quux-certificate",
+ },
+ }
+
+ self.assertEqual(expected, self.instance.get_certificates_options())
+
+
+if __name__ == "__main__":
+ unittest.main()
diff --git a/roles/core/certificates/acmesh.sls b/roles/core/certificates/acmesh.sls
--- a/roles/core/certificates/acmesh.sls
+++ b/roles/core/certificates/acmesh.sls
@@ -8,7 +8,7 @@
{% from "map.jinja" import dirs with context %}
{% set certificates = pillar.get("certificates", []) %}
-{% set certificates_options = pillar.get("certificates_options", {}) %}
+{% set certificates_options = salt["certificates.get_certificates_options"]() %}
# -------------------------------------------------------------
# Software
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Fri, May 22, 07:10 (23 h, 1 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3744936
Default Alt Text
D4103.diff (3 KB)
Attached To
Mode
D4103: Allow to provide default options for acme.sh certificates
Attached
Detach File
Event Timeline
Log In to Comment